package com.surpassun.emall.controller;

import java.io.IOException;
import java.util.Date;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import com.surpassun.emall.model.User;
import com.surpassun.emall.service.UserService;
import com.surpassun.emall.util.Constants;
import com.surpassun.emall.util.ParamUtil;
import com.surpassun.emall.util.ServletResponseUtil;
import com.surpassun.emall.util.Validator;

@Controller
@RequestMapping("/account/**")
public class AccountController {
	
	private Logger _log = LoggerFactory.getLogger(AccountController.class);
	
	@Inject
	UserService userService;
	
	private final static String PARAM_FIRST_NAME = "firstname";
	private final static String PARAM_LAST_NAME = "lastname";
	private final static String PARAM_EMAIL = "email";
	private final static String PARAM_PASSWORD = "password";
	private final static String PARAM_CONFIRMATION_PASSWORD = "confirmPassword";
	
	private final static String ATTR_RESET_PASSWORD_SUCCESS = "resetPasswordSuccess";

	
	@RequestMapping("/account")
	public String view(HttpServletRequest request, HttpServletResponse response, Model model) {
		Object obj = request.getSession().getAttribute(Constants.ATTR_USER);
		if (Validator.isNotNull(obj)) {
			User user = (User)obj;
			//TODO construct myaccount page
			return "myAccount";
		} else {
			return "account";
		}
	}

	@RequestMapping("/account/login")
	public void login(HttpServletRequest request, HttpServletResponse response) {
		String email = ParamUtil.getString(request, "email");
		String password = ParamUtil.getString(request, "password");
		String ip = request.getRemoteAddr();
		
		try {
			if (Validator.isNotEmpty(email) && Validator.isNotEmpty(password)) {
				User user = userService.login(email, password, ip);
				if (Validator.isNotNull(user)) {
					//login successfully, add the user object to the session attribute
					request.getSession().setAttribute(Constants.ATTR_USER, user);
					ServletResponseUtil.write(response, Constants.LOGIN_SUCCESS);
					return;
				}
			}
			ServletResponseUtil.write(response, Constants.LOGIN_ERROR);
		} catch (IOException ioe) {
			_log.error("Error while writing response", ioe);
		}
	}
	
	@RequestMapping("/account/logout")
	public String logout(HttpServletRequest request, HttpServletResponse response, Model model) {
		request.getSession().removeAttribute(Constants.ATTR_USER);
		request.getSession().invalidate();
		return "home";
	}
	
	@RequestMapping("/account/forgetPassword")
	public String retrivePassword(HttpServletRequest request, Model model) {
		String email = ParamUtil.getString(request, PARAM_EMAIL);
		User user = userService.getUserByEmail(email);
		if (Validator.isNotNull(user)) {
			String newPassword = userService.resetPassword(user);
			//TODO send email to user
			model.addAttribute(ATTR_RESET_PASSWORD_SUCCESS, true);
		} else {
			model.addAttribute(ATTR_RESET_PASSWORD_SUCCESS, false);
		}
		
		return "account";
	}
	
	@RequestMapping("/account/register")
	public String register(HttpServletRequest request) {
		String firstname = ParamUtil.getString(request, PARAM_FIRST_NAME);
		String lastname = ParamUtil.getString(request, PARAM_LAST_NAME);
		String email = ParamUtil.getString(request, PARAM_EMAIL);
		String password = ParamUtil.getString(request, PARAM_PASSWORD);
		String confirmPassword = ParamUtil.getString(request, PARAM_CONFIRMATION_PASSWORD);
		
		boolean isValid = true;
		if (!password.equals(confirmPassword)) {
			isValid = false;
		}
		
		if (isValid) {
			try {
				User user = new User(null, new Date(), firstname, lastname, email, password, null, true, null);
				userService.add(user);
			} catch (Exception e) {
				_log.error("Error while adding user", e);
			}
		
		}
		return "account";
	}
}
